A cloud-user behavior assessment based dynamic access control model

Cited by: 4
Authors
Jing X. [1]
Liu Z. [1]
Li S. [1]
Qiao B. [2]
Tan G. [1]
Affiliations
[1] College of Information Engineering, Northwest A & F University, Shaanxi
[2] Department of Generic Technology Promotion, Coordinating Centre of Scientific and Technological Resources, Shaanxi
Funding
National High Technology Research and Development Program of China (863 Program);
Keywords
Access control; Cloud-user behavior risk; Dynamic authorization; Trust degree;
DOI
10.1007/s13198-015-0411-1
Abstract
In the traditional role-based access control (RBAC) model, permissions are bound statically to identity and are not dynamically adjusted according to user behavior. Cloud users are widely distributed and complex in composition, and a user with a legitimate identity may still behave in an untrustworthy way, yet any attack is carried out through malicious behavior. The cloud-user behavior assessment based dynamic access control model was proposed by introducing user behavior risk value, user trust degree and other factors into RBAC. First, the number of times threat behavior occurs was introduced into the information security risk equation to improve the accuracy of the user behavior risk value. Then, both the number of times threat behavior occurs and the uneven interval of the risk threshold were introduced into the trust model based on behavior risk evolution to improve the accuracy of the user trust degree. Finally, dynamic authorization was achieved by mapping trust levels to permissions. A simulation experiment in a small campus cloud system shows that the changes in user behavior risk value and user trust degree are more rational under different numbers and frequencies of threat behavior, and that dynamic authorization is flexible through the mapping between risk level and user permissions. © 2015, The Society for Reliability Engineering, Quality and Operations Management (SREQOM), India and The Division of Operation and Maintenance, Lulea University of Technology, Sweden.
Pages: 1966-1975
Number of pages: 9
Related papers
16 in total
  • [1] Role-based access control. ANSI INCITS 359-2004, American National Standards Institute, International Committee for Information Technology Standards, 35, 6, pp. 37-50, (2004)
  • [2] Burnett C., Chen L., Edwards P., et al., TRAAC: trust and risk aware access control, IEEE PST, (2014)
  • [3] Chen Y.R., Tian L.Q., Yang Y., Model and analysis of user behavior based on dynamic game theory in cloud computing, Acta Electron Sin, 39, 8, pp. 1818-1823, (2011)
  • [4] Feng G.D., Zhang M., Zhang Y., Xu Z., Study on cloud computing security, J Softw, 22, 1, pp. 71-83, (2011)
  • [5] Information security technology—risk assessment specification for information security, (2007)
  • [6] Josang A., Lo Presti S., Analysing the relationship between risk and trust, Trust Manag, 2, pp. 135-145, (2004)
  • [7] Lin G., Wang D., Bie Y.Y., et al., MTBAC: a mutual trust based access control model in cloud computing, China Commun, 11, 4, pp. 154-162, (2014)
  • [8] Liu W., Duan H.X., Zhang H., Ren P., Wu J.P., TRBAC: trust based access control model, J Comput Res Dev, 48, 8, pp. 1414-1420, (2011)
  • [9] Ma S.N., He J.S., Gao F., Zhang Y.Q., Access control model based on trust, Int J Digit Content Technol Appl, 5, 7, pp. 320-325, (2011)
  • [10] Mahalle P.N., Thakre P., Prasad N.R., et al., A fuzzy approach to trust based access control in internet of things, (2013)